« 


Innovation  guru  John  Seely  Brown  says  it’s  a  great  time  to 
#  |/  explore  fresh  ideas,  such  as  internal  and  external  cloud  computing. 
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They  thought 
their  stored  data 
was  locked  tight, 
but  they  were 
wrong. 


Microsoft  shortens 
the  list  of  Windows  7 
editions  it  will  offer 
-  sort  of. 

Spending  on  SaaS  is 
growing  at  double¬ 
digit  rates,  as  users 
look  to  cut  software 
costs. 

Despite  the  recession, 
the  tech  jobs  outlook 
isn’t  all  gloomy  -  just 
mostly  so. 


The  H-1B  debate 
would  be  more 
constructive  with 
less  rancor. 

Is  Apple  in  trouble 
without  Steve  Jobs? 
Not  really. 

Single  point  of 
failure?  In  crazy 
times  like  these,  it 
could  be  any  one 
of  us. 


A  list  of  the  10  best 
jobs  in  the  country 
includes  two  from  the 
world  of  IT. 


Your  potential.  Our  passion: 


Let's  leave  the  hardware  where  it  is. 

A  software-based  VoIP  solution 
from  Microsoft  is  a  whole  new  way 
to  look  at  telephony. 

As  it  turns  out,  that  important 
move  to  VoIP  isn't  about  ripping  and 
replacing  or  big,  upfront  costs.  That's 
because  it's  no  longer  about  hardware. 

It's  actually  about  software. 

That's  right.  Keep  your  hardware — 
your  PBX,  your  gateways,  even  your 
phones.  Add  software.  Software  that 
integrates  with  Active  Directory* 
Microsoft*  Office,  Microsoft  Exchange 
Server,  and  your  PBX.  Simply  maximize 
your  current  PBX  investment  and  make 
it  part  of  your  new  software-based 
VoIP  solution. 

Because  what  you  have  is  good. 
What  you  have  with  the  right 
software  is  even  better.  Learn  more 
at  microsoft.com/voip 


W  I  just  two  main  versions 

■  ■  of  Windows  7,  but  six 

Windows7|^i^SL 


government.  |  SAP  launches 

Business  Suits  7.  a  coordinated 
upgrade  of  its  applications. 

10  As  encryption  in  disk  drives 

spreads,  users  and  analysts  are 
concerned  that  lost  passwords  or 

'  the  permanent  loss  of  critical  data. 

■  NEWS  ANALYSIS 
12  SaaS  Still  on  the  Rise, 
Despite  Down  Economy.  The 

promise  of  quick  savings  is  help¬ 
ing  software  as  a  service  to  thrive, 
although  some  users  are  concerned 
about  long-term  costs  and  security. 

18  Tech  Jobs  Forecast:  Mostly 
Gloomy,  With  Some  Bright 
Spots.  ThenumberoflTjobsinthe 
U.S.isshrinkinginresponsetothe 


■  DEPARTMENTS 
AND  OPINIONS 

4  Editor's  Note:  Don  Tennant 

laments  the  fact  that  an  uncivil  tone 
often  tarnishes  the  H-1B  debate. 

25  Scot  Finnie  proposes  that 
Steve  Jobs'  absence  from  Apple 
might  not  be  such  a  bad  thing. 

40  Career  Watch:  Two  IT  posi¬ 
tions  make  it  into  a  new  ranking  of 
the  top  10  jobs  in  the  nation. 

42  Shark  Tank:  Boss  gives 
pilot  fish  a  refresher  course  on  the 
policy  about  accepting  gifts  _  ' 

from  vendors  (and  who  •  ,  I 

has  to  obey  it).  "SJ® 

44  Frankly  Speaking:  Frank 
Hayes  worries  that  when  were  all 
overworked,  were  all  potentially 
single  points  of  failure. 


BREAKING  NEWS  AT  COMPUTERWORLD.COM 


Inside 


COMPUTERWORLD  ■  FEBRUARY  9.  2009 


I  34  Locked 
•  Down  in 
1  Transit 


26  Blindsided! 

Breaches  of  stored  data  are  rising  steadily, 
yet  many  companies  still  don’t  know  how  to 
protect  against  them.  Here's  a  look  at  five 
headline-grabbing  breaches  and  how  you  can 
avoid  similar  mishaps. 


32  Locked 
Down  in 
The  Data 
Center 


iHHP  Storage  professionals 
describe  the  latest 

techniques  for  protecting  stored  data  within 
company  wails. 


LjfegSi  IT  managers  are  often 

'  hampered  in  their  efforts  to 

-  '  protect  tapes  and  laptops 

because  they  buy  into  one  or  more  of  six 
common  myths  about  movable  media. 

(Myth  1:  Tapes  are  obsolete.) 

36  Solid  State  s 
New  Kill  Switch 

By  taking  advantage  of  a  key  property  of  the 
flash  memory  chips  that  make  up  solid-state 
disks,  systems  manufacturers  are  creating 
“fast-erase”  features.  Available  today  for 
military  use.  this  func- 
tionality  could  catch  on 

for  business  applications  H-  ^  J  '• 
ranging  from  back-end  " 

enterprise  SSD  storage  to 
executive  laptops.  BHMicro's  removabh 

37  QuickStudy 

Our  primer  on  XAM.  or  Extensible  Access 
Method,  explains  how  the  technology  is 
used  to  preserve  the  authenticity  of  “fixed" 
content,  such  as  stored  e-mail  and  images 
of  X-rays  or  cancelled  checks. 

a  38  Opinion 

Without  an  overall  game 
plan  for  storage  security,  it's 
likely  that  efforts  will  be 
duplicated  in  some  areas 
and  that  tasks  will  be  over¬ 
looked  in  others,  says  columnist  James  Da- 
moulakis,  CTO  at  GlassHouse  Technologies. 


Starfish  lack  one  centralized  brain. 


They  can’t  process  information  seamlessly. 

But  you  can.  With  proven  business  analytics  software  and  services  from  SAS. 

www.sas.com/starfish 


•  Data  integration  .  Performance  management 

•  Analytics  •  Targeted  business  and 

•  Query  and  reporting  industry  solutions 


POWER 

OUO  TO  KNOV 


Don  Tennant 


Tarnished  Discourse 


_  _  ,  .  .  .  .  .  .  .  ,  thoughtful  discourse. 

V  F  THERE’S  one  thing  we  hate  doing  around  here,  it  s  Nor  is  it  difficult  to  imag- 

removing  reader  comments  from  our  Web  site.  We  feel  '"e  ways  in  which  such 

,  .  ,  discourse  can  be  advanced, 

very  strongly  that  our  readers’  voices  should  be  heard,  a  couple  of  weeks  ago,  i 

regardless  of  how  objectionable  any  one  of  us  might  find  whoare 

a  particular  viewpoint.  But  there  are  occasions  when  the  right  working  with  enterprise 

thing  to  do  is  pull  the  plug.  wTTnXTTo^Tch' 

Such  an  occasion  arose  |  meaning  comment  directed  I  tested  the  views  I  expressed  the  education  of  students  in 
last  Wednesday  morning,  at  a  reader  presumed  by  the  is  beside  the  point.  It  makes  the  city’s  school  system.  CA 


But  it's  different  when 
the  malice  is  directed  at 
other  readers.  And  when 
the  forum  degrades  into 
a  vehicle  for  hate  speech, 
we  make  no  apologies  for 
deleting  any  offending 
post.  That’s  what  happened 
Wednesday,  when  we 
removed  a  derogatory,  de- 


■  When  the  forum 
degrades  into  a 
vehicle  for  hate 
speech,  we  make 
no  apologies 
for  deleting  any 
offending  post. 


Coincidentally  enough,  it 
was  also  on  Wednesday 
morning  that  I  received  an 


every  ounce  of  self  contra 
not  to  send  harsh  feedbad 
or  post  a  comment  that 
was  full  of  bile."  Instead, 


gratifying  to  imagine  how 
far  their  exploration  will 
take  them  from  what  tar¬ 
nishes  our  discourse  today.  ■ 


tennant(a)computerworld. 
com,  and  visit  his  blog  at 
httpy/blogsxomputerworld 
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Not  the  Time  to  Regress  Cost  Concerns  Usually 
In  IT  Management  Drive  IT  Change  Efforts 

I  often  enjoy  reading  the  topics  I  greatly  enjoyed  Gary  Anthes’  col- 


solutions  manager,  Fiserv  Inc.,  ■  Tim  Magee,  Lexington,  Ky., 

Atlanta,  david.tatum@fiserv.com  I  tmagee@ureach.com 
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Windows  7:  Two  Main 
Editions,  Six  All  Told 

•  ooking  TO  ad-  makers  and  the  huge  base  of 

dress  complaints  Windows  users, 
about  the  prolifer-  “We  did  a  lot  of  research 

ation  of  Windows  and  talked  to  a  lot  of  [hard- 
editions,  Micro-  ware]  partners  and  cus- 
soft  Corp.  last  week  said  it  tomers,”  Ybarra  said.  “Our 

will  sell  Windows  7  in  two  biggest  challenge  is  that  we 

primary  versions:  one  for  have  over  1  billion  custom- 

business  users  and  the  other  ers.  It’s  hard  to  satisfy  all  of 
for  consumers.  them  [with  two  versions].” 

However,  the  software  Windows  7  Professional 

vendor  will  still  offer  six  will  be  the  principal  version 
editions  of  the  upcoming  for  businesses,  with  a  Home 

operating  system  altogether.  Premium  edition  as  its  peer 


at  gamers  and  PC  enthusi¬ 
asts.  But  PC  vendors  wanted 
that  version  to  be  kept  be¬ 
cause  they  see  it  as  a  way  to 
differentiate  their  systems. 

Separately,  Microsoft  said 
it  will  offer  upgrades  from 


Mike  Ybarra,  Microsoft's  on  the  cons 
Windows  general  manager.  hearkens  b: 
said  the  various  versions  licensing  st 

are  necessary  in  order  to  dows  XP,  w 
fully  meet  the  needs  of  PC  had  two  ms 


on  the  consumer  side.  That 
hearkens  back  to  Microsoft’s 
licensing  strategy  for  Win¬ 
dows  XP,  which  similarly 


Ponemon’s  figures 
include  direct  expenses 
for  breach  detection, 
mitigation  and  response, 
plus  indirect  costs  like 
customer  defections. 


$139  of  the  avenge  breach 
cost,  said  Larry  Ponsmon, 
the  think  tank’s  chairman. 

Gartner  Inc.  analyst  John 
Pescatore  said  Ponemon's 
figures  were  “In  the  ball- 


thanwhat  we’ve  seen"  -but 
not  by  much,  he  said. 

-  JAIKUMAR  VIJAYAN 


ENTERPRISE  APPLICATIONS 

SAP  Unveils  i 
Full  Upgrade  j 
Of  ERP  Suite  ; 

SAP  AG  last  week  unveiled  a 
new  version  of  its  Business 
Suite  ERP  software,  which  ana-  ! 
lysts  said  marks  the  first  time  ! 
the  modules  are  integrated  on  a  j 
single  underlying  platform.  j 

‘People  have  had  this  percep-  ; 
thm  that  it's  this  one  integrated  I 
system,  but  the  reaKty  is  the  ! 


said  Ray  Wang,  an  analyst  at 
Forrester  Research  Inc.  Now 
the  full  suite  sits  atop  SAP’s 


on  the  company’s ' 
ment  package'  strategy,  which 
allows  users  to  add  specific 
functions  without  a  full  upgrade. 


A  spokesman  added  that  the 
upgraded  suite  also  includes  a 
dashboard-like  interface  to  pull 
in  relevant  information  from 


At  a  launch  event  in  New  York. 
SAP  CEO  Leo  Apotheker  called 
the  new  offering  “a  keystone 
we  will  build  on  for  the  future." 

Jennifer  Ailerton.  CIO  at  Roche 
Holding  Ltd.'s  pharmaceutical 
division,  said  SAP's  new  syn¬ 
chronized  release  schedule  is 
good  for  her  company. 

In  the  past  release  dates  for 


over  the  place"  she  said. ‘Now 
it's  easier  to  plan  for  them." 

CHRIS  KANARACUS. 
IDS  NEWS  SERVICE 


GIANT  LEAPS. 

SMALL 

FOOTPRINTS. 


dramatically.  IBM  storage  virtualization  solution: 
a  responsible,  energy-efficient  way.  The  IBM 
le  Controllercan  reduce  storage  growth  by  up  ti 
is  much  as  30"o.  And  combined  with  IBM  tape 
lave  reduced  their  TCO  by  as  much  as  50°  „.  A 
rer  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

ibm.com  green  into 
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■  NEWS  DIGEST 


BETWEEN  THE  LINES 


By  John , 


are  members  of  the  TCG. 

Corporate  IT  managers 
acknowledge  the  potential 
problems  but  say  that  steps 
can  be  taken  to  overcome 
them.  For  example,  Adapta- 
Soft  Inc.,  a  maker  of  payroll 
systems  software,  requires 
workers  to  store  critical  data 
on  the  company’s  network 
drive  rather  than  on  lap¬ 
tops  with  encrypted  hard 
disk  drives,  said  CIO  David 
Virkler. 

AdaptaSoft  installed 
Seagate’s  self-encrypting, 
2.5-in.  Momentus  5400.2 
drives  on  its  Dell  laptops 
in  October  2007  to  better 
protect  customers’  financial 
data.  Virkler  also  noted  that 
implementing  a  group  policy 
eased  what  could  have  been 
a  “painful”  rollout  of  the 

Ken  Waring,  IT  direc¬ 
tor  at  Toronto-based  CBI 


Global 

Dispatches 

Satyam  Promotes 
MurtytoCEO 

HYDERABAD,  India -Strug¬ 
gling  Satyam  Computer  Ser¬ 
vices  Ltd.  last  week  promoted 


Murty  to  CEO.  a  move  that  may 
be  temporary  as  the  company 
looks  to  sell  itself. 

The  company  also  said  that 
H  has  raised  about  $130  mWon 
(U.S.)  in  working  capital  from 
banks  as  advisers  -  The  Boston 
Consulting  Group,  Goldman 
Sachs  and  Avendus  Capital 


outsourcers  Ha  Technolo¬ 
gies  Ltd.  and  IGate  Carp.,  have 
shown  Interest  in  investing  In 
Satyam. 

The  firm  plunged  into  a 


300-millimeter  chip  factory  in 


admitted  that  Satyam  had 
inflated  its  financial  results  for 
several  years.  Raju  and  two 
other  top  executives  resigned 


Intel  Shuttering 


The  company  said  that  it 
will  offer  some  of  the  plant’s 
2,000  workers  an  opportunity 
to  take  (obs  at  Intel  facta' 
in  Chengdu  or  Dalian. 

Intel  added  that  It  still 
plans  to  build  a  new 
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ENERGY 
COSTS  DOWN, 
KARMA UP 


Today,  datacenters  eat  up  to  30  times  more  energy  per  square  foot  than  a 
typical  office.  The  answer:  IBM  green  datacenter  and  IT  services. Tney 
can  help  you  implement  a  conservation  policy  and  measure,  manage  and 
report  on  real  results  against  it.  Many  IBM  customers  have  doubled  their 
IT  capacity:  others  have  reduced  energy  costs  by  40%  or  more.  A  greener 
world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Take  the  first  step  toward  a  greener  datacenter  at  ibm.com/green/services 
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Some  users  think 
software  as  a 
service  could  cause 
long-term  financial 
pain.  But  the 
immediate  savings 
gains  are  trumping 
such  fears  now. 
By  Patrick  Thibodeau 


Not  separate  systems 


1 

■  l 

— ,  1 
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Partners  Healthcare  works  with  InterSystems. 


The  IT  group  at  Partners  Healthcare  System  in  New 
England  is  an  innovator  in  connected  healthcare.  They 
work  with  InterSystems  Ensemble®  software  to  deliver 
better  care  at  lower  costs  to  over  four  million  patients. 

Ensemble  is  a  rapid  integration  and  development 
platform  that  makes  it  much  easier  to  connect 
applications,  processes,  and  people  -  and  to  develop 
composite  applications. 

Ensemble  includes  InterSystems  Cache®,  the 


world’s  fastest  object  database.  Cache’s  lightning 
speed,  massive  scalability,  and  rapid  development 
environment  give  Ensemble  unmatched 
capabilities. 

For  30  years,  we’ve  been  a  creative  technology 
partner  for  leading  enterprises  that  rely  on  the 
high  performance  of  our  products.  Ensemble  and 
Cache  are  so  reliable  that  the  world's  best  hospitals 
use  them  for  life-or-death  systems. 


ImterSystems 


Read  the  case  study  about  Partners  Healthcare  at  InterSystems.com/Connectl8A 


Can  your 
backup  software 
do  this ? 


£  Eliminate  up  to  half  your  tape  drives 

f  Eliminate  the  backup  window 

*  Deduplicate  enterprise  data 

*  across  all  tiers,  including  tape 

£  Reclaim  space  on  primary  storage 

a  Archive,  preserve,  and  search 

*  information  for  eDiscovery 

f  Reduce  off-site  tapes  by  up  to  90% 

a  Reduce  data  management  costs 

by  up  to  40% 


introducing 


SIMPANA.  8 


flocking  to  CommVault  and  its  #1  end-user-ranked 
enterprise  backup  product.  But  backup  is  just  the  beginning.  With  the  industry's  only 
truly  unified  single  platform,  Simpana®  software  provides  a  dramatically  superior  way 
for  enterprises  to  handle  data  protection,  eDiscovery,  recovery,  and  information 
nagement  requirements. 

Now,  the  groundbreaking  new  features  of.  Simpana  8  make  it  easier  than 

solve  immediate  backup  and  data  management  problems,  improve 
operations,  lower  costs,  eliminate  disparate  point  products,  and  set  your 
enterprise  up  with  a  scalable  platform  to  meet  your  needs  far  into 


good  to  be  true?  We'll  be  happy  to  prove  it  to  you. 
Call  888-667-2451 .  Or  visit  www.commvault.com/simpana 
gn  up  for  an  introductory  webinar. 


commvault 

solving  forward 


BACKUP  & 
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SAAS  FUTURES 

■  Market  raiMrclwrlDC 

companies  wM  be  using  at 
least  one  SaaS  appicatian. 

by  year's  end,  nearly 
35%  of  worldwide  SaaS 
revenue  will  came  from 
outside  the  U.S.,  DC  says. 

organizations,  including 
the  U.S.  Army  and  Sonoco 
Products  Co.,  a  $4  billion 
maker  of  packaging  prod¬ 
ucts  ii^y&rtsville,  S.C. 

Jennifer  Roberts,  Sonoco's 
supply  systems  manager, 
said  she  was  able  make  an 
apples-to-apples  cost  com¬ 
parison  of  SaaS  vs.  in-house 
software.  And  in  Sonoco's 
case,  she  thinks  the  SaaS 
approach  will  cost  less. 

pie  military  cooking.  The 
Army  collects  basic  contact 
and  demographic  informa¬ 
tion  from  visitors  who  regis¬ 
ter  at  the  center,  and  it  then 
uses  the  data  to  customize 
its  recruiting  pitches. 

The  data  goes  into  the 

SaaS  application,  which  has 
been  integrated  with  an 
in-house  system  for  proc¬ 
essing  recruits.  That  work 
was  done  for  the  Army  by 

recruits.  No  Social  Security 
numbers  or  other  personally 
identifiable  information  is 
ever  entered  into  the  Sales- 
force.com  application,  ac¬ 
cording  to  Dillard. 

Mane  USA  Inc.,  a  fra¬ 
grance  and  flavorings  maker 
in  Wayne,  N.J.,  adopted  a 

SaaS  version  of  Automatic 

Data  Processing  Inc.’s  pay¬ 
roll  and  benefits  software 
about  a  year  ago.  Employees 

organizations  that  re¬ 
sponded  to  a  Gartner  Inc. 
survey  last  summer  said 
they  piannad  to  increase  or 
maintain  their  use  of  SaaS 

Continued  from  page  12 
users  aren't  certain  whether 
it  would  actually  cost  less  to 
use  a  SaaS  application  than 

of  the  on-premises  version 
of  Ariba  Inc.'s  procurement 
applications.  But  the  compa¬ 
ny  wanted  to  expand  its  use 
of  the  software,  and  Roberts 
said  that  installing  another 
module  in-house  would 
have  required  new  hard¬ 
ware  and  the  likely  addition 
of  an  IT  worker  to  manage 

systems  integrator  Acumen 
Solutions  Inc.  in  Vienna,  Va. 

“This  is  a  new  model  for 
the  government  to  be  using 
SaaS  in  this  way,"  said  Maj. 
Larry  Dillard,  a  marketing 
officer  who  is  heading  the 
Army  Experience  Center 
program.  Dillard  empha¬ 
sized  that  it  is  still  very 

now  have  self-service  capa¬ 
bilities  for  making  benefits 
changes,  freeing  up  Mane’s 
human  resources  staff  to  do 
other  work,  said  Deborah 

Knighton,  the  company’s 
vice  president  of  HR. 

The  SaaS  system  has  also 
reduced  the  amount  of  work 

HR  needs  to  do  to  process 
year-end  tax  data,  shorten¬ 

run  an  in-house  one  because 
they  don't  have  a  good 
breakdown  of  the  IT  costs 
associated  with  supporting 
individual  apps.  In  addition, 
developing  precise  cost 
comparisons  can  be  difficult 
because  the  potential  sav¬ 
ings  from  SaaS  implementa¬ 
tions  often  involve  intan¬ 
gible  items. 

For  example,  when  com¬ 
panies  move  to  SaaS,  they 
often  shift  control  of  ap- 

and  monitor  the  system. 

That  would  have  pushed 
Sonoco's  long-term  costs 
above  what  it’s  paying  Ariba 
for  the  SaaS  deployment, 
according  to  Roberts,  who 
declined  to  disclose  specific 
cost  information. 

Roberts  also  predicted 
that  SaaS  will  increase  her 
leverage  with  vendors  such 
as  Ariba  by  making  it  easier 
for  Sonoco  to  switch  to  rival 
offerings  if  it  decides  that 

'  ££  The  benefits  1 
HH  we  got  [from 
SaaS]  far  exceeded 
the  cost,  if  you  look 
at  it  from  a  soft* 
dollar  standpoint. 

DEBORAH  KNIOHTON, 

VICE  PRESIDENT  OF  HUMAN 
|  RESOURCES.  MANE  USA  INC.  | 

much  a  pilot  project,  but  he 

ing  the  time  required  from 
several  weeks  to  a  day.  “The 
benefits  we  got  far  exceeded 
the  cost,  if  you  look  at  it 
from  a  soft-dollar  stand¬ 
point,”  Knighton  said. 

Also  last  year,  Springs 

Valley  Bank  &  Trust  Co.  in 

Jasper,  Ind.,  switched  from 
an  in-house  payroll  system 
to  SaaS  software  offered 
jointly  by  application  devel¬ 
oper  Unicorn  HRO  Inc.  and 
development  tools  vendor 

I  'u, 

THE  ROAD  TO 

i  HIGHER 

AVAILABILITY 


l  When  You 
i  Need  It  Most 


SunGard  Availability  Services  help  your  business  move  forward  with 
the  most  advanced  and  widest  choice  of  information  availability  options 


in  the  industry 


From  virtualization  to  hot  sites  to  replication  and  vaulting— SunGard  Availability  Services 
does  it  all.  And  it's  all  we  do.  That  kind  of  focus  helps  ensure  high  availability  of  data, 
applications  and  systems  and  fits  your  needs  and  budget  precisely. 


When  we  partner  with  you,  you  worry  less  about  the  road  ahead.  Here's  why: 
a  track  record  of  100%  successful  recoveries;  over  60  facilities  with  redundant 
power  connected  to  SunGard's  secure  global  network;  and  more  than  20,000  end- 
user  positions  in  facilities  across  North  America  and  Europe.  SunGard  Availability 
Services— the  information  availability  solution  for  businesses  that  must  run  non-stop. 
Keep  moving,  call  1-800-468-7483  or  visit  www.availability.sungard.com. 


SUNGARD 

Availability  Services  i  Connected 7 

Microsoft  Corp.  plannee 


worker  flew  to  the  software 
vendor's  home  city  of  Red¬ 
mond,  Wash. 

“We  don’t  like  to  pass  on 
-a  good  talent,"  said  Reyn¬ 
olds,  who  described  the 
Jan.  26  trip  to  Redmond  as 
a  bit  of  "gonzo  recruiting.” 
He  and  his  colleague  spent 
part  of  the  day  outside  of 
Microsoft's  headquarters, 
holding  banners  in  an  effort 
to  attract  the  attention  of 
the  employees  there. 

AHCS  has  also  set  up  a 
new  Web  site  aimed  at  Mi¬ 
crosoft  workers,  featuring  a 
picture  of  a  beach  with  the 
tagline  “This  is  our  Vista.” 
The  site  plays  a  song  spe¬ 
cifically  chosen  to  appeal  to 
people  from  the  Seattle  area: 
"Sunny,"  which  begins  with 


TECH  JOBS  FORECAST: 

Mostly  Gloomy, 
WrtnSom 
Bright  Spots 

The  number  of  IT  positions 
is  shrinking  because  of  the 
recession.  But  there  are  still  jobs 
to  be  had.  By  Patrick  Thibodeau 

puter  Consultant  Businesses  |  IT  job  openings,  including 
in  Alexandria,  Va.  That  fol-  database  and  network  ad- 
lowed  a  loss  of  almost  34,000  ministrator  positions. 


workers  in  a  move  that  it’s 
describing  as  an  effort  to 
“match  skills  and  resources 
with  our  client  needs." 

Other  vendors  are  adding, 
not  cutting,  workers.  For 
instance.  Access  Systems 
Americas  Inc.  in  Sunnyvale, 
Calif.,  has  about  a  dozen 
openings,  including  some 
for  tech  jobs.  Access,  which 
was  previously  known  as 
PalmSource  Inc.,  is  the  de¬ 
veloper  of  the  Garnet  mobile 
operating  system,  formerly 
named  Palm  OS. 

In  a  sign  of  the  times, 
though,  Access  is  getting 
significantly  more  applica¬ 
tions  for  the  open  jobs  than 
it  did  when  the  economy  was 
in  better  shape.  In  the  past, 
the  company  might  have  re- 


sSharePoint  enough? 


In  the  wake  of  new 
regulations,  make  sure  your 
clucks  are  in  a  row  with 

Autonomy  ControlPoint 


A- 

Autonomy 


Meeting  Governance  Needs  with 

Autonomy  Control  Point 


Microsoft  Office  SharePoint  Server 
(MOSS)  provides  a  portal  environment  for 
enterprises  to  improve  departmental  collaboration. 

It  has  been  rapidly  deployed  because  of  Its  ease  of 
installation  and  straightforward  user  Interface. 

Ironically,  this  rapid  proliferation  of  SharePoint  has  led 
many  companies  to  lose  control  of  the  very  content 
they  had  hoped  to  manage.  Because  SharePoint 
is  so  easy  to  deploy,  many  SharePoint  sites  are 
created  outside  of  the  company's  standard  operating 
procedure  for  controlled  information  and  archiving, 
often  leading  to  litigation  resulting  from  compliance 
violations  and  accidental  preservation  or  destruction  of 
legally  relevant  material. 

In  the  wake  of  new  regulations,  sub-prime  mortgage 
and  credit  crisis,  and  highly  publicized  internal  fraud 
cases,  organizations  are  under  increased  pressure  to 
implement  consistent  information  policies  for  finding, 
holding  and  disposing  of  content  in  a  timely  manner. 


Advanced  needs 

Designed  for  easy  collaboration,  MOSS  only 
addresses  the  “productivity”  stages  of  the  information 


lifecycle,  with  inadequate  controls  for  maintenance  and 
disposition  of  content.  It  lacks  governance  functionality 
including  advanced  needs  around  taxonomy  creation 
or  categorization  of  documents  against  a  classification 
schema,  which  powers  information  management  policies 
as  well  as  crucial  records  management  processes. 
Applying  legal  hold  policies  within  MOSS  can  be 
onerous  and  requires  manual  search  and  tag  methods. 
Companies  are  also  recognising  that  they  have  no 
centralized  control  or  discovery  of  the  information  being 
published  and  collaborated  on  in  SharePoint  servers 
that  are  increasingly  siloed,  which  can  lead  to  severe 
regulatory  consequences. 

Autonomy,  a  global  leader  in  infrastructure  software 
for  the  enterprise,  integrates  transparently  with  MOSS 
to  enhance  SharePoint's  information  governance  and 
eDiscovery  capabilities.  Autonomy  ControlPoint  is  the 
industry's  first  information  governance  platform  that 
enables  real-time,  policy-driven  control  of  all  SharePoint 
content,  ensuring  that  customers  are  able  to  manage 
their  SharePoint  content  in  true  alignment  with  today's 
growing  corporate,  legal  or  regulatory  standards. 

Critical  governance  tasks 

ControlPoint  automates  critical  governance  tasks, 
including  classification,  preservation  or  disposition 
of  information  assets  based  on  its  unique  ability  to 
understand  the  meaning  of  information  being  shared 
across  different  SharePoint  servers  and  other  content 
repositories.  Based  on  this  conceptual  understanding, 
ControlPoint  automatically  applies  and  enforces 
governance  policies,  bringing  all  SharePoint  content 
under  control  and  into  compliance. 


to  assign  teams  of 
risk  managers,  legal  professionals  and  compliance 
officers  to  manage  information  fisk  developing  across 

SharePoint  sites.  It  uses  a  centralized  policy  hub  to 
enforce  governance  control  across  distributed  networks, 
an  increasingly  critical  function  given  that  SharePoint 
servers  are  typically  siloed  throughout  the  enterprise. 


At  the  heart  of  ControlPoint  lies  Autonomy's  Intelligent 
Data  Operating  Layer  (IDOL)  Server.  IDOL  forms  a 
conceptual  and  contextual  understanding  of  all  content 
in  the  enterprise,  indexing  and  automatically  analyzing 
any  piece  of  information  from  over  1 ,000  different  content 
formats.  For  the  heterogeneous  enterprise  that  holds 
SharePoint  as  just  one  source  of  data,  Autonomy's 
mature  connector  framework  (supporting  over  400 
different  types  of  repository)  enables  search  across  the 
entire  enterprise  corpus  from  the  SharePoint  interface, 
allowing  for  an  unprecedented  view  of  the  organization’s 
information  assets  as  well  as  for  legally  compliant 


With  ControlPoint,  all  information  Is  visible,  transparent, 
and  available  to  be  controlled  and  governed.  For 
instance,  ControlPoint  can  perform  comprehensive 
discovery  across  all  information  to  find  out  what  resides 
in  SharePoint  sites.  It  then  determines  what  content  sits 
outside  the  disposition  spectrum  and  creates  a  policy  to 
delete  such  information  from  SharePoint.  ControlPoint 
can  also  discover  that  potentially  sensitive  information 
is  not  properly  governed  with  adequate  security  and 
compliance  procedures,  and  automatically  move  the 
content  to  the  ControlPoint  records  management  archive 
or  put  it  on  preservation  should  it  be  subject 
to  a  legal  matter. 

The  ControlPoint  policy  engine  can  be  constructed 
to  perform  automated  actions,  preserve  and  dispose 
of  SharePoint  content,  and  move  information  across 
SharePoint  sites.  ControlPoint  provides  full  reporting 
functionalities,  and  a  high-level  dashboard  designed 
for  non-IT  personnel  that  presents  a  holistic  view  of  the 
enterprise's  information  governance  landscape. 


ControlPoint 's  integrated  SharePoint  client  makes 
it  easy  to  move  content  from  SharePoint  document 
libraries  into  the  Autonomy  repository  while  leaving 
a  Smart  Shortcut,  or  link  behind.  After  migration, 
Autonomy  manages  the  storage  lifecycle  of  the 
SharePoint  content  moving  it  from  top  tier  storage, 
through  to  lower  cost  storage,  based  on  the  rules 
provided  by  the  organization's  strategy. 

“A  Dcloitte  survey  of  more  than 
500  executives  reveals  that  nearly 
40  percent  believe  their  data 
volume  has  grown  to  the  point  of 
being  unmanageable. " 

—ARMA  Inhriuilioinil.  Inform, Hi, w  M, in, i^, ■mail 
Nemwirc.  September  20DS 


Bringing  SharePoint  into  Compliance: 
Autonomy  ControlPoint  Highlights 


With  the  ability  to  understand  more  than  1 ,000  file- 
types,  Autonomy  ControlPoint  centrally  manages  any 
information  asset  and  applies  legal  hold  and  disposition 
from  across  different  SharePoint  servers  and  other 
repositories  on  a  company’s  wide  area  network. 

It  delivers  a  broad  set  of  functionalities  specifically 
designed  to  address  the  information  governance 
challenges  with  MOSS,  including: 

Seamless  integration  into  SharePoint 
environment 

Apply  consistent  Information  Governance  and 
eDiscovery  across  SharePoint  and  other  corporate 
repositories  with  over  400  connectors  and  1,000  file 
types  supported. 

Dashboard  views  enable  automated 
information  management 

Customized  dashboards  provide  alerting  and 
transparency  to  information  management  processes 
within  MOSS  and  throughout  the  enterprise,  increase 
visibility  and  streamline  governance  actions  such  as  legal 
hold  and  disposition. 


Management  of  all  SharePoint 
content  in  place 

This  eliminates  the  need  to  replicate  content  within 
SharePoint  sites  and  from  other  servers.  It  also  ensures 
that  information  related  to  a  legal  hold  or  regulatory 
matter  is  not  accidentally  deleted  while  in  use. 

Enhanced  analytics,  security  and 
reporting  mechanisms 

Support  for  a  rich  feature-set  on  MOSS  content  such  as 
clustering,  faceted  navigation  and  visualizations. 

Improved  performance 

Reduce  costs  and  improve  performance  over  wide-area- 
networks  by  eliminating  the  need  to  store  SharePoint 
data  in  SQL  Server. 


To  Learn  more  about  Autonomy 
ControlPoint,  call  415.342.9955  or  visit 
www.autonomy.com/controlpoint. 
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Ambition:  “Making  technology 
disappear  by  designing  it  so 
that  it  perfectly  matches  your 


John  Seely  Brown 

The  innovation  whiz  talks  about 
dropping  old  assumptions,  finding 
silver  linings  and  living  on  the  edge. 


John  Seely  Brown  is  a  visiting  scholar  at 
the  Annenberg  School  of  Communica¬ 
tion  at  the  University  of  Southern  Cali¬ 
fornia  and  a  co-chairman  of  the  Deloitte 
Center  for  Edge  Innovation.  He  was  pre¬ 
viously  the  chief  scientist  at  Xerox  Corp. 
and  director  of  the  Xerox  Palo  Alto 
Research  Center.  His  research  interests 


include  digital  culture,  ubiquitous  com¬ 
puting,  Web  services  architectures,  and 
organizational  and  individual  learning. 

Are  there  any  silver  linings  to  the  financial 
cloud  we're  under?  Every  board  I'm  on 
is  terrified  of  the  financial  crisis  we 
are  in.  Everybody  is  battening  down 


the  new  opportunities  this  might  pro¬ 
vide?"  Maybe  it’s  realignments  of  the 
industry  that  we  could  help  accelerate. 
Let’s  look  at  the  opportunities  on  the 
opposite  side  of  this. 

How  can  you  haip  them  do  that?  The 

value  lies  in  the  questions  you  ask, 
not  necessarily  the  problems  you 
solve.  Asking  a  question  in  a  useful 
and  productive  way  often  gets  people 
to  discover  things  themselves.  You 
get  stopped  by  the  question,  and  you 
think,  “Wow,  here  we  have  stuck  our 
heads  in  the  sand,  paying  very  close 
attention  to  our  knitting,  and  we  have 
not  looked  at  this  from  the  other  side.” 
There  is  almost  always  a  silver  lining  if 
you  ask  the  right  question  at  the  right 
time  in  a  nonthreatening  way. 
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■  THE  GRILL  JOHN  SEELY  BROWN 


of  new  ideas  by 
paying  attention 
to  the  edges. 


big  structural  changes  in  the  IT  indus¬ 
try?  How  do  we  use  utility  computing? 
What  are  the  new  ways  to  save  energy? 
How  do  we  start  to  use  internal  cloud 
computing  and  external  cloud  comput¬ 
ing?”  For  example,  if  I’m  in  a  start-up 
today,  Td  not  want  to  invest  precious 
money  in  more  servers.  I’d  be  looking 
at  how  I  could  use  the  Amazon  cloud 
in  order  to  just  pay  for  what  I  use  and 
at  the  same  time  get  a  whole  new  kind 
of  agility  and  scalability. 

What  is  “internal"  cloud  computing? 

Shouldn’t  we  be  looking  at  these  same 

ideas  for  dynamic  reprovisioning  and 

monitoring  as  a  way  to  provide  our  own 
services?  So,  basically  the  CIO  meters 
out  pay-as-you-go,  on-demand  services 

to  internal  divisions.  And  if  you  do  the 

internal  utility  computing  right,  you 
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ought  to  be  able  to  seamlessly  bring  in 
external  resources  on  demand. 

What  do  you  mean  by  “adga”  innovation? 

Edges  are  where  the  action  is.  There’s 
the  generational  edge,  where  kids  come 
up  with  all  kinds  of  new  ideas.  They 
have  very  different  work  practices.  How 
can  your  company  leverage  those  prac¬ 
tices  rather  than  just  assume  they  should 
accept  your  work  practices?  Then,  at  the 
industry  level,  you  have  edge  players, 
often  the  start-ups.  What  are  they  doing 
that  you  haven’t  thought  of?  Which  ones 
are  growing  shockingly  fast?  So,  there 
are  generational  edges,  the  company 
edge,  the  industry  edge,  the  market 
edge.  And  we  have  geographic  edges, 
like  India,  and  also  intellectual  or  disci¬ 
pline  edges.  Many  breakthroughs  today 
come  between  disciplines,  where  mul¬ 
tiple  disciplines  work  together. 

These  edges  are  all  sources  of  un¬ 
certainty.  They  are  risky  because  they 
don't  have  road  maps,  and  yet  that’s 
where  most  of  the  action  is.  You  can 
get  early  detectors  of  new  ideas  by 
paying  attention  to  the  edges. 

You  say  companies  often  react  to  tech¬ 
nological  change  rather  than  proactively 
shape  strategies.  How  can  a  big,  tradi¬ 
tional  company  like  General  Motors  do 
that?  Take  health  care,  where  there  is  a 
huge  need  for  innovation.  Suppose  GM 
said  that  immediately,  every  doctor's 
office,  clinic  and  hospital  had  to  reveal 
its  success  measures,  and  then  [GM] 
told  [its]  employees  [it]  would  only  re¬ 
imburse  them  for  going  to  those  [pro¬ 
viders]  with  the  highest  success  rates. 
And  they  could  say,  “We’ll  only  use 
those  with  electronic  medical  records, 
and  we  want  the  records  shared  among 
all  the  players  in  our  network.” 

What  are  “innovation  networks"?  In 

Asia,  these  networks  are  constantly 
constructing  new  ideas  by  having  hun¬ 
dreds  or  thousands  of  small  companies 
in  loosely  coupled  but  long-term  rela¬ 
tionships.  Many  products,  like  the  iPod 
and  iPhone,  come  from  original  design 
manufacturers  [ODM]  in  Taiwan. 

What  most  people  don’t  realize  is  that 
when  a  company  like  HP  wants  a  new 
printer  or  PC,  they  design  the  specs, 
specify  the  cost  they  want  to  pay  and 
then  waltz  into  an  ODM  and  say,  “Can 


you  build  this  at  this  price?”  The  ODM 
knows  that  this  same  guy  has  been 
to  other  ODMs  who  have  their  own 
networks,  and  so  you  have  two  or 
three  networks  competing  to  see  who 
can  meet  those  incredibly  aggressive 
specs.  One  small  company  bids  on  the 
magnesium  casing,  another  on  the  RF 
chip,  another  on  the  battery  and  so 
on.  Apple's  iPhone  got  done  that  way. 
Steve  []obs]  had  the  surface  design  in 
mind  but  no  notion  of  the  internals. 

People  say  the  world  is  getting  flat. 
But,  in  fact,  the  world  is  also  getting 
spikier.  Innovation  networks  represent 
tiny,  local  spikes  of  capability,  which 
then  get  wired  together  to  build  a 
product.  If  you  can  be  the  first  to  find 
these  rapidly  developing  spikes,  then 
you  can  use  the  fact  that  the  world  is 
flat  to  connect  them  all  together. 

Could  this  Asian  modal  be  employed  here? 

Everyone  is  talking  about  how  to  solve 
the  General  Motors  problem.  No  one 
is  talking  about  how  they  should  work 
with  their  suppliers.  The  suppliers  are 
in  a  vast  network  and  are  capable  of 
tremendous  innovation,  but  that’s  not 
how  GM  uses  them.  But  look  at  Toyota 
in  the  U.S.  Toyota  keeps  outperform¬ 
ing  us  not  because  they  have  better 
workers,  but  because  they  have  figured 
out  how  to  take  a  vast  supply  network 
from  being  just  suppliers  to  being  criti¬ 
cal  partners  in  innovation.  It  becomes 
a  distributed-innovation  game. 

What  lessons  did  you  learn  from  working 
at  Xerox  PARC?  First,  wisdom  is  often 
the  biggest  obstacle  to  innovation.  In 
a  rapidly  changing  world,  the  assump¬ 
tions  that  underlie  our  past  learning 
may  now  be  invalid.  So,  an  idea  that 
didn’t  work  five  years  ago  may  work 
fantastically  now. 

Second,  we  tend  to  hold  on  to  as¬ 
sumptions  longer  than  we  should. 
Often,  by  letting  go  of  old  assumptions, 
whole  new  vistas  are  created. 

Third,  when  I  was  running  PARC, 

I  thought  we  geeks  were  the  geniuses 
and  people  who  did  the  marketing 
were  not  so  smart.  But  when  you  have 
to  make  real  innovation  pay  off,  you 
often  find  that  the  genius  is  not  in  the 
idea  creation  but  in  the  realization  of 
e  marketplace. 

-  Interview  by  Oary  Anthes 


that  idea  in  the 


Scot  Finnie 

Apple’s  Silver  Lining 


VEN  A  CURSORY  REVIEW  of  Apple’s  history 
makes  it  clear  that  Steve  Jobs  has  been  instrumental 
to  its  success  in  both  tours  of  duty.  And  whatever 
Jobs  may  be  battling  during  his  leave  of  absence,  one 
can  only  hope  he  returns,  hale  and  vigorous.  His  unbending 
vision  has  led  the  company  to  win  after  win. 


But  does  that  mean 
Apple  is  in  trouble  with¬ 
out  him?  No.  In  fact.  Jobs 
or  no  Jobs,  several  oppor¬ 
tunities  exist  for  Apple. 
Here  are  five: 

1.  Deliver  a  lower-cost, 
netbook-style  Mac.  The 
pudgy,  last-generation, 
$999  MacBook  is  the  clos¬ 
est  thing  Apple  has  had  to 
a'$500  netbook.  Although 
rumored  for  months,  it’s 
not  clear  whether  Apple 
is  building  a  netbook, 
but  the  time  would  be 
right.  Snow  Leopard,  the 
next  version  of  OS  X,  is  a 
performance  overhaul  of 
the  OS  X  core  software. 

A  streamlined  Mac  OS  is 
precisely  what  you’d  need 
to  run  a  Mac  netbook.  If  it 
happens  this  year,  it  was 
Jobs’  initiative. 

2.  Foster  and  support  in- 

OS  X  has  gone  a  long  way 
toward  attracting  soft¬ 
ware  makers  to  develop 
apps  for  the  Macintosh. 
And  the  slowly  increas¬ 


ing  (though  still  small) 
market  share  for  desk¬ 
top  Macs  should  help 
too.  But  Apple  has  had 
a  checkered  past  when 
it  comes  to  supporting 
ISVs.  It  could  and  should 
do  more  to  help  software 
makers  succeed. 

3.  Be  a  lot  more  trans¬ 
parent  with  customers  and 
the  press.  Jobs’  amazing 
“whisper”  campaigns 
controlled  the  reveal  He’s 
a  master  showman  who 
understands  how  to  work 
the  media  and  whip  his 
audience  into  a  frenzy. 
When  Apple  was  a  small 
company  with  a  lot  to 
prove,  those  talents  were 
a  huge  asset.  But  Apple  no 
longer  needs  to  tantalize 
and  surprise.  It  needs  to 
solidify  its  customer  base. 
Not  everything  needs  to 


■  Is  Apple  in 
trouble  without 
Jobs?  Not  really. 


be  a  secret.  In  fact,  a  little 
more  transparency  would 
win  Apple  more  friends. 

4.  Sell  Macs  to  enterprise 
customers.  This  is  the 
most  challenging  oppor¬ 
tunity,  with  the  largest 
potential.  Apple  has  never 
sold  many  computers  to 
enterprise  customers.  (It’s 
tough  to  do  that  when 
you’re  not  even  trying.) 
For  years,  Apple  lacked 
cost-competitive  products 
for  typical  business  users. 
But  the  new  MacBook 
and  the  MacBook  Air 
meet  those  requirements. 

So,  it’s  a  funny  thing. 
Apple  finally  has  price- 
competitive  products  and 
interest  from  enterprise 
customers,  but  its  hush- 
hush  enterprise  division 
—  I  call  them  the  “Men 
in  Black”  —  would  make 
Howard  Hughes  proud. 
Something  (or  someone?) 
is  holding  it  back. 

To  court  IT,  Apple 
would  need  to  reveal 
product  road  maps  and 


stop  being  so  secretive 
—  but  that’s  what  nondis¬ 
closure  agreements  are 
for.  It  would  have  to  add 
layers,  such  as  engineering 
sales  support,  and  provide 
business-class  repair  turn¬ 
arounds.  And  it  has  made 
strides  in  those  directions. 

Apple  doesn't  have  to 
change  its  identity  to  deal 
with  large  business  cus¬ 
tomers.  It  doesn't  have  to 
use  HP’s  or  Dell’s  model 
Apple  could  do  this  in  its 
own  way,  and  at  least  a 
modest  percentage  of  IT 
customers  would  like  it 
A  modest  percentage  is 
about  all  Apple  can  handle 
to  start  with  anyway. 

5.  (Jet  out  of  that  exduave 
ATtTdaat  There  are  some 
AT&T  lawyers  who  might 
object  to  this  one.  Exclu¬ 
sive  deals  are  all  the  rage 
in  wireless,  but  Verizon's 
network  is  distinctly 
better.  Don’t  believe  me? 
Check  with  that  famous 
consumer  magazine  that 
prefers  not  to  be  named. 
Based  on  a  survey  of  over 
50,000  readers,  it  reported 
that  Verizon  had  the  best 
service  in  all  but  two  major 
U.S.  metropolitan  areas. 
Maybe  while  Jobs  is  away, 
Apple  can  figure  out  a 
way  to  stop  punishing  its 
iPhone  customers  and  cut 
a  deal  with  Verizon. 

But  don’t  worry.  I’m 
not  holding  my  breath.  ■ 
Scot  Finnie  is  Computer- 
world's  editor  in  chief.  Con¬ 
tact  him  at  scot_Jmnie@ 
computerworld.com. 


FEBRUARY  9. : 


STORAGE  SPOTLIGHT  ■ 


They  thought  they  had  their 
stored  data  locked  tight,  but  they 
were  wrong.  Here  are  five  of 
the  biggest  storage  mishaps  and 
how  you  can  avoid  a  similar  fate. 

By  Mary  Brandel 


ATA  BREACHES,  unfortunately,  have 
become  a  way  of  life  for  corporate 
America.  According  to  the  Identity 
Theft  Resource  Center  (ITRC),  2008 
saw  a  47%  increase  in  documented 
data  breaches  from  the  year  before  (see 
chart,  page  24).  And  those  are  just  the  ones  that  made 
the  news,  says  Craig  Muller,  an  identity  theft  expert 
and  founder  of  Identity  Doctor  in  Irvine,  Calif.  “I  get 
e-mails  constantly  telling  me  of  breaches,”  he  says. 

The  public  is  definitely  feeling  the  i  But  companies  are  still  not  sure  how. 
pain.  In  a  2008  study  by  the  Ponemon  to  protect  themselves.  In  a  Ponemon 


amine  actual  breaches  and  learn  from 
them.  Here's  a  look  at  five  common 
types  of  breaches,  with  advice  about 


I  STOLEN  EQUIPMENT 

In  May  2006,  personal  data 
on  26.5  million  veterans  was 
■  compromised  when  a  laptop 
nd  a  storage  disk  were  stolen  from  the 
ome  of  a  subcontractor  working  for 
le  U.S.  Department  of  Veterans  Af- 


■  SPOTLIGHT  STORAGE 


■  SPOTLIGHT  STORAGE 


i  timed  from  page  28 

to  manage,  Semple  says,  especially 

:n  the  workers  use  privileged  access. 


>ual  activity  and  set  thresholds 
esenting  acceptable  use  for  dif- 
n  users,  CERT  says.  That  makes 
sier  to  detect  when  an  employee 
a  particular  job  designation  does 
sthing  beyond  his  normal  duties. 


ity  logs,  Semple  says.  It's  not  enough  to 
keep  detailed  logs;  you  also  need  audit 
measures  in  place  to  see  if  anyone  has 
modified  a  log  or  illegally  accessed  it. 
“Unless  there's  some  way  to  verify  the 
log  information  wasn't  tampered  with, 
it's  hard  to  know  it's  of  value,”  he  says. 

But  in  the  end,  technology  isn't 
enough.  “You  need  to  find  a  way  to  en¬ 
sure  users  you  trust  are  worthy  of  that 
trust,"  Semple  says. 


the  most  significant  component  of  the 
increase.  The  average  cost  of  a  data 
breach  in  2008  was  $6.6  million,  com¬ 
pared  with  $6.3  million  in  2007. 

■  Blinders:  According  to  a  2008 
Ponemon  study,  data  breaches 
by  hackers  rank  a  distant  fifth 
in  terms  of  security  threats.  Indeed, 
about  14%  of  documented  breaches  in 
2008  involved  hacking,  according  to 
the  ITRC.  That  doesn't  mean  compa¬ 
nies  shouldn’t  be  wary,  however. 


I  SPOTLIGHT  STORAGE 


have  to  worry  about  it." 

As  companies  upgrade 
their  storage  equipment, 
many  are  taking  advantage  of 
technological  advances  such 
as  tape  drive  encryption, 
tape  library  encryption  and 
enhancements  in  the  way  en¬ 
cryption  keys  are  managed. 
There  has  also  been  progress 
in  adopting  the  disk  and  tape 

of  the  IEEE  P16I9  standard, 
says  James  Damoulakis,  chief 
technology  officer  at  storage 


Keep  stored  data  safe  within 
company  w  alls  with  encryption 
and  key  management 

_ By  Stacy  Collett 


services  provider  GlassHouse  and  process  limitations,  sa 
Technologies  Inc.  “Still  Damoulakis,  who  is  a  Com 

it’s  fair  to  say  that  [storage  puterworld  columnist, 

security]  has  lost  some  mo-  “There’s  a  feeling  that 
mentum”  because  of  policy  [data  in  storage]  is  a  lockt 


whether  it’s  the  time  to  de¬ 
ploy  or  the  amount  of  [labor] 
or  the  actual  cost  in  dollars  of 
the  solution  —  these  things 
are  not  cheap,”  Ouellet  adds. 

A  less  expensive  way  to 
add  encryption  is  to  use  the 
capabilities  that  come  built 
into  many  applications, 
Ouellet  advises.  “You'll  have 
to  pay  for  it,  but  it's  needed, 
and  as  far  as  integration  is 
concerned,  it’s  not  going  to 
take  an  inordinate  amount  of 
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Looking  for  an  ultracheap 
approach?  Ouellet  suggests 
buying  a  hard  drive  with 
built-in  encryption.  Seagate, 
Toshiba  and  Hitachi  are 
among  the  vendors  introduc¬ 
ing  self-encrypting  drives.  “It 
costs  only  a  few  bucks  more 
to  buy  a  drive  with  encryp¬ 
tion,”  Ouellet  says.  “The  ap¬ 
plications  aren’t  even  aware 
there’s  any  encryption.  It's  all 
in  the  background  at  the  low- 
level  driver  level.” 

But  keep  in  mind  that  self¬ 
encrypting  drives  address 
only  storage  issues,  Ouellet 
warns.  “As  far  as  the  appli¬ 
cation  is  concerned,  once  it 
reads  the  data  off  the  drive, 
it’s  in  clear  text  —  and  in  a 
backup,  it’s  in  clear  text,"  he 
says.  “Only  in  the  storage  en¬ 
vironment  is  it  safe.” 

On  the  bright  side,  self- 


M  There’s  a 
feeling  that 
[data  in  storage] 
is  a  locked  door 
-  so  it’s  not  a  high 
priority.  But  I  think 
that’s  ultimately 
going  to  change 
with  the  turnover 


ROBERT  ROSEN. 

FORMER  PRESIDENT.  SHARE 


encrypting  drives  will  be 
helpful  down  the  road  when 
you  have  to  dispose  of  a 
drive,  Ouellet  adds.  “I  can 
just  lose  or  dispose  of  the 
key  that  was  on  that  drive. 
Then  the  data  is  gone.” 

ON  THE  DESKTOP 

Data  at  rest  now  includes 
data  on  the  desktop.  The 
NIH’s  IT  department  is  mov¬ 
ing  to  desktop-level  encryp¬ 
tion.  “Unfortunately,  thefts 
occur  inside,  too,”  Rosen 
says.  “Encryption  is  a  fairly 
simple  mechanism.  The  per¬ 
formance  impact  is  minimal.” 

Children’s  Hospital  Bos¬ 
ton  also  encrypts  data  on  the 
desktop  says  Paul  Scheib, 
director  of  operations  and 
chief  information  security 
officer.  “We  do  laptop  en¬ 
cryption,  and  we  try  to  limit 
what  data  can  be  stored  on 
local  machines,”  he  says. 

“We  don’t  have  a  sure  way 
to  stop  people  from  writing 
from  a  CD  drive,  because 
they  do  have  a  business  need 
to  do  it.  The  best  you  can  do 
is  put  policies  in  place  and 
educate  people." 

But  desktop  encryption 
resolves  only  one  security 
issue,  Ouellet  says.  “A  lot 
of  organizations  have  an 
onion-layer  approach.  To  be 
able  to  get  onto  the  storage 


environment,  you  have  to  go 
through  a  bunch  of  gates  and 
barriers,”  such  as  ID  manage¬ 
ment  and  network  firewalls, 
he  says.  “That  may,  in  fact,  be 
good  enough  —  it  solves  the 
external  data  problem.  But 
your  storage  environment  is 
not  addressed  that  way." 

KEY  MANAOEMENT 

For  years,  encryption  users 
have  been  calling  on  security 
and  storage  vendors  to  offer 
better  interoperability  when 
it  comes  to  managing  the 
keys  that  actually  control 
the  encryption.  In  response, 
companies  such  as  Microsoft 
Corp.  now  allow  users  to 
store  the  encryption  keys  for 
data  held  on  other  vendors' 
key  management  systems. 

But  key  management  will 
become  more  complex,  ex¬ 
perts  say,  as  encryption  finds 
its  way  into  more  and  more 
storage  devices,  creating  an 
avalanche  of  keys  to  manage. 

Some  industry  standards 
are  being  developed,  such  as 
IEEE  P1619,  but  they  address 
tape  encryption  and  not  the 
storage  environment.  “We’re 
seeing  that  move  over  to  the 
self-encrypting  drive  [sys¬ 
tems],  but  as  far  as  the  data¬ 
bases  are  concerned,  they 
don't  quite  have  a  standard,” 
says  Ouellet. 

For  now,  companies  such 
as  IBM  and  RSA  Security 
Inc.  provide  some  form  of 
key  management  for  exter¬ 
nal  services,  Ouellet  says. 

Industry  watchers  say 
that  although  companies 
aren't  clamoring  for  encryp¬ 
tion  and  storage  security, 
adoption  will  remain  steady. 
“There’s  a  finite  amount  of 
resources  available,”  Rosen 
says.  “There  won’t  be  a  huge 
rush  to  it  —  but  with  [new 
hardware],  everything  is  go¬ 
ing  to  be  encrypted."  ■ 

Collett  is  a  Computerworld 
contributing  writer.  Contact 
her  at  stcollett@aol.com. 
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■  SPOTLIGHT  STORAGE 


ting  a  collection  of  tapes  in 
a  vehicle  and  driving  it  to  a 
recovery  site,"  says  Ken  Ru¬ 
bin,  a  senior  vice  president  at 
the  information  protection 
and  storage  company.  “And 
the  bandwidth  limitations 
on  transporting  terabytes  or 
petabytes  of  data  over  the 


get  out  of  the  tape  busine 
because  of  the  threat  of 
physical  loss,”  r — 


Better  protect  your  company’s 
movable  media  by  rejecting 
these  six  common  myths. 

By  Gary  Anthes 


The  protection  of  infor¬ 
mation  technology  is,  of 
course,  a  job  for  IT.  But 
there  is  a  big  and  often  ove 


tate  and  federal  regulations 
n  data  protection  and  reten¬ 
on  demands  human  exper- 
se,  but  it’s  such  a  daunting 
isk  that  he  gets  automated 


■  MYTH  3:  LOSING 
A  TAPE  IS 
PRIMARILY  A 
SECURITY  PROBLEM. 

It  can  be  a  security  disaster, 


issue.  Loss  of  tapes  through 
simple  human  error,  causing 
processing  disruptions  down 
the  line,  is  by  far  the  most 
common  problem. 


decrypt  your  there  are  no 

hard  drive,  we  know  technology 

it  and  we  notify  solutions;  irs  all 
your  manager.  about  tight  controls. 

CHRISTOPHER  LEACH.  CISO.  Procedures  and  controls 


decrypt  your 
irive,  we  Know 


y  numbersj,  although  that 

certainly  important,”  says 
Brian  Lurie,  IT  vice  president 
at  medical  products  maker 
Stryker  Corp.  “What  keeps 
me  up  nights  is  the  possibil¬ 
ity  of  losing  a  tape  and  then 
having  to  produce  data  for 
the  FDA  for  a  lawsuit.  I  worry 
about  liability  to  the  company 
from  losing  information  that 

While  the  law  requires 
that  some  information  be 
kept  for  seven  years,  Stryker 
must  retain  data  on  cus¬ 
tomers  who  have  Stryker 
products  in  their  bodies  for 
as  long  as  they  live,  Lurie 
says.  Although  the  company 


The  primary  tool  remains 
data  encryption.  While  the 
technology  doesn’t  address 


data,  it's  nice  to  be  able  to  tell 
lawyers,  reporters  and  the 
police  that  the  bad  guys  can't 
do  much  with  that  laptop 
because  the  hard  disk  is  en¬ 
crypted,  or  with  those  tapes 
because  they  are  unreadable. 

All  employee  desktops 
and  laptops  at  ACS  are  re¬ 
quired  to  be  “whole-disk  en¬ 
crypted,”  Leach  says.  “Once 
the  disk  is  encrypted,  we 


In  addition,  he  says,  “we  in¬ 
sure  them  for  a  high  amount, 
not  because  the  tapes  or  CDs 
are  worth  a  lot  of  money,  but 
because  that  triggers  tighter 
processes  and  closer  scrutiny 
by  the  shipper.” 

Users  report  that  they  are 
studying  new  technologies  to 
supplement  or  substitute  for 
encryption.  The  state  of  New 
York  is  looking  at  thumb¬ 
print  scans  to  protect  laptops 
and  tape  cases.  And  ACS 
is  examining  prototypes  of 
three  magnetic  devices  that 


inventory-control  system 
to  help  eliminate  the  No.  1 
cause  of  lost  tapes  —  human 


■  MYTH  5: 

ENCRYPTION  ISA 
SILVER  BULLET. 

While  encryption  is  often 
considered  the  best  technical 
solution,  it  has  drawbacks. 

For  example,  if  you  retrieve  a 
tape  but  have  lost  the  keys  to 
decrypt  it,  you  might  be  out 
of  luck.  Also,  encrypting  data 
before  writing  it  to  tape,  a  lap¬ 
top  hard  drive  or  removable 


moves  to  Windows  Vista, 
because  the  operating  sys¬ 
tem  offers  options  for  auto¬ 
matically  encrypting  data. 
“But  it’s  a  burden  —  you 


■  MYTH  6: 

IF  YOU  PROTECT 
YOUR  TAPES 
AND  LAPTOPS,  YOU 
CAN  FEEL  SECURE. 

News  stories  have  focused 
attention  on  lost  tapes  and 
laptops,  but  there  are  a 


BlackBerries  are  protected 
at  Stryker.  “I  have  the  ability 
to  remotely  wipe  them  out,” 
he  explains.  “If  lost,  we  send 
a  signal  to  it  immediately  to 
clear  the  memory." 

But  flash  drives.  CDs  and 
DVDs  are  more  problemat- 


about  the  humble  cell  phone. 
“We  don't  allow  cameras  in 
our  building,  but  there  are 
lots  of  people  who  have  them 


It  someone  takes  a  photc 
of  someone  or  something 


l  of  decryptir 
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AS  THE  PILOT  ejects 
inside  enemy  ter¬ 
ritory.  the  fighter 
jet  triggers  an  auto¬ 
matic  data-destruction  se¬ 
quence.  Within  IS  seconds, 
the  highly  classified  mission 
data  on  the  solid-state  disk 
has  been  wiped  out. 

The  storage  device  in  this 
scenario  didn't  just  burn  up 
like  the  voice  recorder  in 
Mission:  Impossible.  Instead, 
the  system’s  manufacturers 
simply  took  advantage  of 


Sold  Slate’s 
New  Ki  Switch 


Military-grade  SSDs  are  easier  to 
erase,  although  harder  to  restore. 

By  Robert  L.  Mitchell 


I  hours  after  removal  from 


data.  "The  data  may  be  gone, 
but  at  least  it's  not  in  the 
wrong  hands,”  Drossel  says. 


MORE  COSTLY  RECOVERY 

The  flip  side  of  the  level  of 
security  SSDs  offer  is  the 
fact  that  recovering  data 
from  them  can  be  more  dif¬ 
ficult  and  expensive  than  for 
other  media. 

Each  SSD  vendor  has  its 
own  proprietary  method 
for  mapping  data  from  the 
file  system  to  individual 


the  process  of  getting  every 
block  on  a  drive  of  that  size 
to  spin  under  the  read/write 
head  would  take  almost  an 
hour  and  a  half,  and  the  entire 
process  could  take  three  to 
four  hours  on  a  fast  eSATA 
drive,  according  to  experts 
at  Texas  Memory  Systems 
Inc.  and  Kroll  Ontrack  Inc. 

INSTANT  ERASURE 

While  “fast  erase”  features 
are  available  today  for  mili¬ 
tary  use,  SSD  manufacturers 
hope  that  the  technologies 
will  catch  on  for  business  ap¬ 
plications  such  as  back-end 


been  optimized  to  further 
speed  up  erasure.  “We’ve 
created  internal  circuitry  so 
that  the  host  can  send  one 
command  —  either  in  soft¬ 
ware  or  a  push  button  —  and 
the  drive  will  erase  multiple 
chips  in  parallel,"  says  Dross- 
el.  For  example,  it  takes  about 
IS  seconds  to  clear  all  of  the 
chips  on  a  16GB  SSD,  he  says. 

Vendors  have  also  created 
other  schemes  to  meet  gov¬ 
ernment  security  require¬ 
ments.  BitMicro  Networks 
Inc.  offers  a  removable  SSD 
with  backup  power  that  al¬ 
lows  it  to  be  erased  up  to  six 


destruct  or  erase  if  they  are 
stolen  and  inserted  into  any 
unauthorized  machine. 

In  the  private  sector,  rapid- 
erasure  techniques  could  be 
used  in  point-of-sale  systems 
or  kiosks  that  might  contain 
sensitive  customer  or  sales 

M[Withafast- 
erase  feature J 
the  data  may  be  gone, 
but  at  least  it’s  not  in 
the  wrong  hands. 

GARY  DROSSEL. 

VICE  PRESIDENT  OF  MARKETING. 
SILICONSYSTEMS  INC. 


number  of  data  layouts  for 
different  manufacturers.” 

Another  drawback  is  that 
data  on  SSDs  can  be  far  more 
costly  to  recover  in  the  event 
of  a  physical  failure,  such 
as  a  broken  circuit.  “When 
an  SSD  becomes  damaged, 
it's  more  difficult  to  get  the 
data  off  the  raw  chips.  We’ve 
had  jobs  go  as  long  as  three 
or  four  months,”  Barry  says. 
Costs  go  up  if  the  data  is 
needed  quickly  and  addition¬ 
al  staffers  are  assigned  to  the 
project.  “That  jumps  up  the 
service  level,”  he  says,  “and 
they  pay  accordingly.”  ■ 
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j  ■  SPOTLIGHT  QUICKSTUDY 

1  Extensible 
i  Access  Method 

j  Use  it  to  preserve  the  integrity 
j  and  authenticity  of ‘fixed 

j  content.'  By  Russell  Kay 

know  it’s  unchanged? 

A  new  set  of  standards, 
the  Extensible  Access 

Method,  aims  to  bring  order 
to  this  chaos.  XAM  acts  as  a 
layer  of  abstraction  between 
different  operating  systems, 
fixed-content  applications 
(such  as  e-mail,  file  or  data- 

and  the  data-access  manage¬ 
ment  software.  This  allows  ti 

users  to  retrieve  data  re-  c 

III! 


)  « 


XAM  Software  Architecture 


■  SPOTLIGHT  OPINION 

James  Damoulakis 

Your  Security 
Game  Plan 


HOW  MUCH  PROGRESS  is  really  being  made  in 
securing  storage?  For  several  years  now,  pundits 
have  sounded  the  alarm  about  a  range  of  security 
risks  associated  with  storage.  That  includes 
everything  from  a  lack  of  fundamental  network  security 
practices  for  SANs  to  the  ever-familiar  problems  associated 
with  handling  off-site  media.  Regarding  the  latter,  hardly  a 
week  goes  by  that  some  organization  isn’t  reporting  the  loss  or 
theft  of  laptops  or  tapes  containing  confidential  information. 


Yet,  aside  from  those  cor¬ 
porate  victims  in  the  spot¬ 
light  that  have  been  forced 
to  make  improvements, 
it  seems  that  the  state  of 
storage  security  has  been 
advancing  very  slowly. 

Furthermore,  many  so- 
called  storage  security  ini¬ 
tiatives  should  be  more  ac¬ 
curately  labeled  as  off-site 
tape  security  initiatives.  In 
other  words,  the  focus  isn't 
on  a  strategic  approach  to 
securing  the  overall  storage 
infrastructure,  but  on  the 
pain  point  du  jour  —  in  this 
case,  the  desire  to  avoid  be¬ 
ing  the  next  organization  to 
make  headlines  in  Comput- 
erworld  for  the  wrong  rea¬ 
son.  Certainly,  the  desire 
to  close  this  particular  se¬ 
curity  hole  is  understand¬ 
able,  but  without  an  overall 
game  plan,  there  is  a  strong 
likelihood  that  effort?  will 
be  duplicated  and  other 
risks  overlooked. 

A  widely  reported  study 
from  the  Identity  Theft  Re¬ 
source  Center  found  a  47% 


increase  in  data  breaches  in 
2008  compared  with  2007. 
Of  these  breaches,  20.7% 
involved  “data  on  the  move” 
—  on  laptops  or  tapes,  for 
example.  However,  twice 
as  many  incidents  (41%)  oc¬ 
curred  through  a  combina¬ 
tion  of  hacking,  insider  theft 
and  subcontractor  breaches. 

Yet  even  the  goal  of 
securing  off-site  media 
hasn’t  been  successfully 
addressed.  Consider,  for 
example,  the  lack  of  wide- 
scale  adoption  of  encryp¬ 
tion.  Only  2.4%  of  the  lost 
media  in  the  above  study 
was  encrypted.  Why  is 
that?  In  the  case  of  tape, 

■  The  problems  of 
key  management 
point  to  a  larger 
organizational 
issue:  the  lack  of 


security  strategy 
that  truly  encom¬ 
passes  storage. 


it's  not  because  of  a  lack 
of  awareness  or  misun¬ 
derstanding  the  problem 
—  that’s  painfully  obvious. 
Nor  is  it  because  of  a  lack 
of  technology  available  to 
address  the  problem.  En¬ 
cryption  products  for  every 
level  can  be  obtained  from 
mainstream  vendors;  tape 
drive  (LTO-4,  IBM  TS1130 
or  STKT10000).  tape  li¬ 
brary  (Spectra  Logic),  SAN 
switch  (Cisco  or  Brocade), 
SAN  or  LAN  appliance 
(NetApp)  and  host  software 
(most  backup  applications). 

It's  easy  to  point  to  the 
challenges  of  key  man¬ 
agement  as  the  primary 
roadblock  to  more  wide¬ 
spread  adoption  of  media 
encryption,  and  this  is  cer¬ 
tainly  a  contributing  cause. 
However,  the  problems  of 
key  management  point  to 
a  larger  issue:  the  lack  of 
a  comprehensive  security 
strategy  that  truly  encom¬ 
passes  storage.  As  long  as 
storage  sits  at  the  periphery 
of  organizations’  security 


focus,  there  will  continue 
to  be  risks,  and  obstacles  to 
addressing  those  risks. 

What’s  required  is  un¬ 
derstanding  that  different 
entities  within  an  enter¬ 
prise  access,  manage,  con¬ 
trol  and  own  responsibility 
for  data.  An  effective  strat¬ 
egy  considers  the  security 
needs  of  all  constituents. 

A  strategic  approach  to 
storage  security  not  only 
would  weigh  additional 
risks  beyond  things  like  off¬ 
site  media  encryption,  but 
would  also  consider  identi¬ 


fying  which  data  needs  to  be 
encrypted  and  at  what  leveL 
Perhaps  if  data  is  encrypted 
at  the  application  level  to 
protect  against  unauthor¬ 
ized  access,  it  might  not 
need  to  be  re-encrypted 
at  the  tape  leveL  If  a  cen¬ 
tralized  key-management 
function,  with  associated 
policies  and  processes,  were 
instituted  to  manage  all  data 
security  access,  the  prospect 
of  off-site  tape  encryption 
wouldn't  be  as  daunting. 

Given  the  current  eco¬ 
nomic  reality,  it’s  improbable 
that  many  organizations 
will  undertake  this  type  of 
program  in  the  near  future. 
However,  it’s  important  to 
begin  to  bridge  the  gap  be¬ 
tween  storage  and  security 
and  build  a  rational  frame¬ 
work  on  which  to  incremen¬ 
tally  improve.  Otherwise, 
the  breach  tally  is  certain  to 
climb  even  higher  in  2009.  ■ 
James  Damoulakis  is  chief 
technology  officer  at  Glass- 
House  Technologies  Inc.,  an 
IT  infrastructure  consult¬ 
ing  and  services  firm. 
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Eaton  makes  selecting  Enclosure 
Power  Distribution  Units  easy 

Uninterruptibility  from  Eaton*  isn't  a  new 


FiTH 


(ePDU™)  offers  the  bi 
Making  the  right  decisions  from  the  start  can  make  a  differe 
in  the  dependability  and  efficiency  of  your  infrastructure. 
Use  our  new  product  configuration  wizard  to  search  over 
1,000  products  for  the  perfect  solution.  Tailor  your  ePDU  to 
include  a  wide  range  of  voltages  using  various  combination 
of  NEMA  and  IEC  outlets  and  p 


■  Q&A 


Rise  of  the  ‘Nanobots’ 


N 


o,  they  aren't  those  hy¬ 
pothetical  molecular- 
scale  robots  that 


could  someday  be  introduced 
into  our  bloodstreams  to  fix 


what  ails  us.  These  so-calldd 
nanobots  are  office  workers. 


including  some  IT  profession- 


workers  who  are  hardly  ever  in 
the  office.  The  somewhat  fanci¬ 
ful  acronym  for  this  category  of 
worker  is  derived  from  Nearly 
Autonomous.  Not  in  the  Office, 
doing  Business  in  their  Own 
Time  Staff .  The  coiners  of  the 
term  are  two  New  Zealand 


researchers.  David  Pauleen  and 
Brian  Harmer.  who  wrote  about 
nanobots  in  the  Dec.  14  issue 
of  the  MIT  Sloan  Management 
Review.  They  say  nanobots  are 
highly  dependent  on  mobile  de¬ 
vices  and  remote  access  to  the 
corporate  network,  but  unlike 
run-of-the-mill  mobile  workers, 
they  aren't  required  to  stay  in 
close  contact  with  managers. 
Instead,  nanobots  are  entrusted 
with  unusual  levels  of  personal 
freedom  while  they're  on  the 
job.  in  return  for  which  they're 
almost  always  on  the  job. 

-  JAMIE  ECKLE 


WHY  WORKERS  LEAVE 


Executives  were  asked,  "Which  of  the  following  is  most  likely  to 
cause  good  employees  to  quit  their  jobs?"  Here  are  their  responses: 


Unhappiness  with  management  35%  23% 

“  Limited  opportunities  for  advancement  33%  39% 

|  Lack  of  recognition  13%  17% 

£  Inadequate  salary  and  benefits  13%  t1% 

;  Bored  with  their  jobs  1%  6% 

I  Other/don’t  know  5%  4% 


Tony  Lee 

I  The  publisher  ol 
1  CareerCast.com  ml 
JobsRated.com  saihhcs 
tltc*  siirs’  iveent  ranking  of  occupations, 

hkh  pm  f  wo  IT  jobs  in  the  top  li  i. 


What  sorts  of  criteria  were 
used?  To  quantify  the  many 
facets  of  the 200 jobs  included 
in  our  report,  we  determined  and 

of  all  of  the  jobs,  categorizing 
them  into  bye  core  criteria  -  that 
is,  the  general  categories  that 
are  inherent  to  every  job:  work 
environment,  income,  outlook, 
stress  and  physical  demands. 
Many  smaller  criteria  are  in¬ 
cluded  in  these  core  areas,  and 
all  are  weighted  and  reviewed 
by  our  team  of  researchers.  One 
overarching  theme  is  that  the 
more  control  you  have  over  your 
daily  activities,  the  higher  that  job 
tends  to  rank.  So  if  you  have  a 
boss  looking  over  your  shoulder 
or  frequent  tight  deadlines  that 
have  to  be  met.  your  job  will  lose 
points  in  the  rankings.  [Note:  The 
full  methodology  is  explained  at 
mm.CareerCast.com/jobs/ 
content/JobsRated_Methodology .] 

A  lot  of  people  in  the  technol¬ 
ogy  held  would  be  surprised 
to  see  “software  engineer” 
at  No.  5.  given  that  such  po- 


for  job  security?  Job  security 
was  its  lowest  score,  but  It  scored 
so  high  in  the  other  categories,  it 
landed  at  No.  5.  Software  engineer 
scored  highest  for  work  environ- 


engineers  work  in  nice  offices, 
with  a  cafeteria  nearby,  and  [they] 
can  do  things  like  listen  to  music 
via  headphones,  which  is  far 
nicer  than  many  other  jobs.  It  also 
ranked  high  for  income,  with  an 
average  of  S86.139. 


It  sounds  like  the  more  sed-  j 
entary  a  job,  the  higher  it  V 
ranked.  But  is  physical  ac¬ 
tivity  really  a  drawback  in 
a  job?  Not  necessarily,  as  long 
as  the  physical  activity  doesn't 
frequently  lead  to  injury.  For 
instance,  petroleum  engineers 
and  geologists  both  often  work 
outside  the  office  but  still  rank 
among  the  top  30  best  jobs,  since 
it's  unlikely  their  outside  work  will 
lead  to  harm  or  is  done  in  uncom¬ 
fortable  weather. 

The  economy  has  shifted 
quickly  over  the  past  few 
months.  Do  you  have  a 
sense  of  how  those  changes 
might  affect  the  rankings 
if  you  were  to  take  a  new 
look  today?  We  kept  following  ; 
the  data  right  through  the  fall,  so  i 
while  there  may  be  a  few  small 
changes  since  then,  the  data 
should  be  up  to  date. 

-JAMIE  ECKLE 


THE  10 
BEST  JOBS 


|  Software  engineer 


|  Industrial  designer 


I  COMPUTERWORLD  FEBRLAt 


7 


THE  10 
BEST  JOBS 


H  sounds  like  the  more  sed¬ 
entary  a  job,  the  higher  it 
ranked.  But  is  physical  ac¬ 
tivity  really  a  drawback  in 
a  job?  Not  necessarily,  as  long 

frequently  lead  to  Injury.  For 
Instance,  petroleum  engineers 
and  geologists  both  often  work 
outside  the  office  but  still  rank 


A  lot  of  people  in  the  technol¬ 
ogy  held  would  be  surprised 
to  see  “software  engineer” 
at  No.  5,  given  that  such  po¬ 
sitions  are  increasingly  being 
offshored.  Did  it  score  high 
for  job  security?  Job  security 
was  Its  lowest  score,  but  It  scored 
so  high  in  the  other  categories,  it 
landed  at  No.  5.  Software  engineer 
scored  highest  for  work  environ¬ 
ment.  The  majority  of  software 
engineers  work  in  nice  offices, 
with  a  cafeteria  nearby,  and  [they] 
can  do  things  like  listen  to  music 
via  headphones,  which  is  far 
nicer  than  many  other  jobs.  It  also 
rankedhighforincome.withan 


Executives  were  asked.  'Which  of  the  following  is  most  likely  to 
ause  good  employees  to  quit  their  jobs?"  Here  are  their  responses: 


The  publisher  of 
CareerCast.com  and 
JobsRated.com  discusses 
the  sites'  recent  ranking  of  occupations 

which  put  two  IT  jobs  in  the  top  10. 


among  the  top  30  best  jobs,  since 
it’s  unlikely  their  outside  work  will 
lead  to  harm  or  is  done  in  uncom¬ 
fortable  weather. 

The  economy  has  shifted 
quickly  over  the  past  few 
months.  Do  you  have  a 
sense  of  how  those  changes 
might  affect  the  rankings 
if  you  were  to  take  a  new 
look  today?  We  kept  following 
the  data  right  through  the  fall,  so 
while  there  may  be  a  few  small 
changes  since  then,  the  data 
should  be  up  to  date' 

-  JAMIE  ECKLE 


What  sorts  of  criteria  were 
used?  To  quantify  the  many 
facets  of  the  200 jobs  included 
in  our  report,  we  determined  and 

of  all  of  the  jobs,  categorizing 
them  into  five  core  criteria  -  that 
is.  the  general  categories  that 
are  inherent  to  every  job:  work 
environment,  income,  outlook, 
stress  and  physical  demands. 
Many  smaller  criteria  are  in- 
cludedinthesecoreareas,and 
all  are  weighted  and  reviewed 
by  ourteam  of  researchers.  One 
overarching  theme  is  that  the 
more  controlyouhaveoveryour 
daily  activities,  the  higher  that  job 
tends  to  rank.  So  if  you  have  a 
boss  looking  over  your  shoulder 
or  frequent  tight  deadlines  that 
have  to  be  met.  your  job  will  lose 
points  in  the  rankings.  [Note:  The 
full  methodology  is  explained  at 
mw.CareeiCasLcom/jobs/ 
content/JobsRated_Methodology .] 
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Co-Branded 

EMAIL 

BLASTS 


Reach  your  target  audience 
of  professional  IT  job  seek¬ 
ers  with  Computerworld’s 
Co-Branded  Email  Blasts. 
This  unique  program  allows 
you  to  choose  your  criteria 
of  1 00%  opt-in  subscribers 
by  geography,  company 
size,  job  title  and  industry. 

Call  Dawn  Cora  at 
800-762-2977  for  details! 


Law  Firms 
IT  Consultants 
Staffing 
Agencies 

Are  you 
frequently 
placing  legal  or 
immigration 
advertisements? 

Let  us 
help  you 
put  together 
a  cost  effective 
program  that 
will  make  this 
time-consuming 
task  a  little 
easier. 
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How  H  Works,  Really 

Vendor  sends  this  IT  pilot  fish 
a  cheap  digital  camera  as  a 
“thank  you"  gift  for  sending 
business  his  way.  And  fish, 
who  has  never  received  any 
vendor  gifts  before,  shows  it 
to  his  boss  to  make  sure  ev¬ 
erything  is  OK.  “My  boss  was 
not  happy."  says  fish.  “He 
began  telling  me  the  company 
policy  about  accepting  gifts 
from  vendors  and  told  me  to 
send  it  back  -  which  I  did." 
Fast-forward  several  weeks: 
Pish  is  solving  an  e-mail 
problem  on  a  VP’s  PC  when 
he  notices  that  she  is  asking 
a  vendor  to  supply  her  with 
complimentary  tickets  for  a 


vendor-gift  policy.  Boss  reads 
it  to  him.  The  penalty  for  fail¬ 
ure  to  follow  the  policy: 
termination.  Several  weeks 
later,  fish  is  at  the  sports 
event  when  he  spots  the  VP 
and  her  husband  in  very  good 
seats  -  right  next  to  fish’s 
boss.  “I  acted  surprised  and 
walked  over  to  talk."  fish  says. 
“Seems  the  VP  got  the  tickets 
for  the  boss,  the  boss's  wife, 
herself  and  her  husband.  The 
boss  suggested  that  she  talk  to 
the  vendor  to  get  the  tickets." 

Efficiency 

This  data  center  is  being 
relocated,  and  movers  are 
scheduled  to  transport  four 


at  the  parking  lot,"  fish  says. 
“I  spotted  several  men  load¬ 
ing  the  UPS  units  onto  a 

equipment  trailer.  I  took  a 
deep  breath  and,  trying  not 
to  imagine  the  prospect  of 
our  valuable  assets  racing 
down  1-95  with  bungee  cords 
flapping  in  the  breeze,  went 
running  into  my  boss's  office." 
Once  there,  fish  calls  the 
moving  company  -  which  in¬ 
forms  him  that  its  truck  hasn't 
arrived  yet.  As  fish  and  his 
boss  run  outside  to  confront 
the  movers,  they  spot  another 
tenant  approaching  the  trailer 
too.  “Their  company  was  also 
moving,  and  the  landscapers 
were  actually  hired  by  them," 
says  fish.  “We  breathed  a  sign 
of  relief  as  we  spotted  our 
moving  truck  pulling  into  the 
parking  lot." 

Two  Layers,  Right? 

It's  7  a.m.  at  this  engineering 


of  the  production  depart¬ 
ment.  “She  was  complain¬ 
ing  about  a  new  dual-layer 
DVD  burner  that  a  tech  had 
recently  installed,"  says  Ash. 
First  she  tells  fish  that  the 
new  DVD-burning  software 
is  too  difficult  to  use.  Then 
she  claims  the  drive  itself  is 
broken  and  won't  bum  a  disk. 
Seeing  scraps  of  stick-on 
labels  on  the  user's  desk,  fish 
pops  open  the  DVD  tray  to  ex¬ 
amine  the  media.  Sighs  fish, 
“For  some  reason,  she  had 
attached  labels  to  both  sides 
of  the  DVD." 

■  Feed  the  Shark!  Send  me 
your  true  tale  of  IT  life  at 
sharky@computerworld.com. 
You’ll  get  a  stylish  Shark  shirt 
ifluseit. 


■  FRANKLY  SPEAKING 

Frank  Haves 


Crazy  Time 


TERRY  CHILDS  is  in  the  news  again.  Remember 
Childs,  that  lone-wolf  network  administrator  who 
worked  for  the  city  of  San  Francisco?  In  July  2008, 
he  was  arrested  for  refusing  to  tell  his  bosses  the 
passwords  to  the  city’s  high-speed  network.  He’s  been  in  jail 
ever  since  because  he  hasn’t  made  his  $5  million  bail. 

Now  he’s  asking  the  city  to  pay  $3  million  for  canning  him. 


Crazy,  huh? 

Specifically,  Childs 
filed  a  claim  for  “wrong¬ 
ful  suspension  without 
pay  and  wrongful  arrest 
[and]  violation  of  civil 
rights,”  according  to  the 
claim  form  dated  Jan.  8. 
That  $3  million  breaks 
down  as  $1  million  for 
economic  damages  — 
most  likely  lost  pay  and 
benefits  —  plus  $1  million 
for  emotional  distress  and 
$500,000  each  for  attor¬ 
ney's  fees  and  unspecified 
“special  damages.” 

Remember,  this  is  after 
Childs  allegedly  changed 
the  network’s  passwords 
so  only  he  knew  them, 
installed  modems  to 
gain  outside  access  to 
the  network,  configured 
routers  so  they  could  be 
controlled  only  from  ob¬ 
scure  locations,  harassed 
an  auditor,  threatened  his 
boss,  lied  to  investigators 
about  knowing  the  pass¬ 
words  and  finally  turned 
the  passwords  over  to 
San  Francisco’s  mayor. 


Yes,  it  all  sounds 
wacko.  But  actually,  this 
wrongful-suspension 
claim  isn’t  a  surprise. 
Childs  was  suspended  on 
July  9;  he  had  six  months 
to  file  a  claim,  which 
was  necessary  if  he  ever 
wanted  to  sue  the  city. 

His  claim  was  turned 
down  on  Jan.  23,  and 
now  he  has  another  six 
months  to  file  a  lawsuit. 
Makes  sense  now,  right? 

Meanwhile,  Childs  will 
be  in  court  next  week  to 
be  arraigned  on  the  crimi¬ 
nal  charges  against  him: 
tampering  with  a  comput¬ 
er  network,  denying  other 
authorized  users  access 
to  the  network  and  caus¬ 
ing  more  than  $200,000 


J  Is  there  a 
Terry  Childs  in 
your  IT  shop? 
Let’s  hope  not. 

But  it  doesn’t  take 
extreme  behavior 
to  create  an  epic 


in  losses.  If  he  squeaks 
through  the  criminal  case, 
he’ll  have  a  shot  —  albeit  a 
very  long  one  —  at  getting 
his  $3  million. 

As  for  the  rest  of  us  — 
well,  we’ve  got  troubles 
of  our  own,  don’t  we? 
We’re  dealing  with  bud¬ 
get  cuts,  layoffs,  longer 
hours  and  shorter  tem¬ 
pers.  Why  should  we  care 
about  some  net  admin 
who  went  over  the  edge? 

But  maybe  that’s  ex¬ 
actly  what  we  should 
care  about. 

Six  months  ago,  I  wrote 
that  the  Terry  Childs  fi¬ 
asco  carried  a  lesson  for 
everyone  in  IT  shops:  As 
the  only  person  with  con¬ 
trol  of  the  city’s  network 
backbone,  Childs  was  a 
single  point  of  failure. 
That  made  him  a  reli¬ 
ability  risk  —  one  that, 
uncorrected,  eventually 
created  a  huge  problem. 

Now  it’s  worse.  Today, 
deep  in  a  recession,  we’re 
all  at  risk,  from  the  CIO 
down  to  the  lowliest  help 


desk  tech.  We’re  short- 
staffed,  overworked  and 
under  pressure.  More 
and  more,  we  depend 
on  every  person  in  the 
department.  We’ve  got 
no  cushion,  no  safety  net. 
Each  of  us  could  become 
a  reliability  problem  — 
and  we’re  too  cash- 
strapped  to  eliminate  ev¬ 
ery  single  point  of  failure. 

Is  there  a  Terry  Childs 
in  your  IT  shop?  Let’s 
hope  not.  But  it  doesn’t 
take  extreme  behavior 
to  create  an  epic  failure. 

It  doesn’t  even  take  a 
little  craziness.  Under 
this  pressure,  we  can  get 
sloppy,  cut  corners  and 
miss  warning  signs  that 
eventually  cost  us  in  a  big 
way  —  and  that’s  when 
it  comes  to  both  systems 
and  people. 

Don’t  let  it  happen. 
Make  sure  everyone  in 
your  shop  takes  a  little 
extra  time  and  care  with 
the  hardware  and  the 
techs,  the  networks  and 
the  admins.  Reinforce 
your  procedures,  your 
fail-over  plans  and  your 
teams  —  and  especially 
the  people  who  you  really 
can’t  afford  to  have  fail. 

Because  in  crazy 
times  like  these,  that 
may  be  the  only  safe¬ 
ty  net  you’ve  got.  ■ 

Frank  Hayes  is  Computer- 
world’s  senior  news 
columnist.  Contact  him 
atfrank_hayes@ 
computerworld.com. 
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With  NetApp®  at  the  heart  of  your  business,  you  can 

EFFORTLESSLY  HOLD  YOUR  DATA 


at  a  fraction  of  the  cost  and  footprint. 

Imagine  storage  and  data  management  solutions  smart  enough  to  support  the  data  you  need,  and  not  a  tot  of  dead  we» 
It's  possible  when  you  partner  with  NetApp.  Our  industry-leading  solutions  use  deduplication  and  other  space-saving  techra 
to  help  you  store  data  efficiently  and  reduce  your  footprint  by  50%  or  more.  So  you  can  manage  exponential  growth  wh 
minimizing  your  storage  investment — all  with  the  support  of  a  team  that  will  exceed  your  expectations.  See  how  we  can  l 
your  business  go  further,  faster.  Find  out  how  you  can  use  50%  less  storage,  guaranteed,-  at  netapp.com/efficiency. 


I  NetApp 

Go  further,  faster 


NEC’s  advanced  communications 
solutions  put  you  in  charge  when  it 
matters  most. 

Finally,  a  communications  solution  capable  of  providing  up-to-date  patient 
information  whenever  and  wherever  it  is  needed. 

NEC’s  Unified  Communications  provide  a  dynamic  and  realistic  connection  among 
individuals,  devices,  applications,  and  data.  Based  on  a  combination  of  innovative 
technologies  and  advanced  solutions,  its  mobility  and  flexibility  enables  people  to 
experience  greater  efficiency  and  productivity  -  in  any  industry. 

Integrated  IT  and  networking  solutions  like  these  have  made  NEC  a  world  leader, 
and  your  reliable  business  partner. 

Regardless  of  the  communications  solution  your  business  demands,  you  are 
assured  of  one  thing.  NEC  empowers  you  through  innovation. 


www.necus.com/uc 
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